Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members.
The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.
In a statement to The Guardian, the encrypted messaging app said it has reached out to affected users, stating it had “high confidence” that the users were targeted and “possibly compromised.” It’s currently not known who is behind the campaign and for how long it took place.
The attack chain is said to be zero-click, meaning the deployment of the spyware occurs without requiring any user interaction. It’s suspected to involve the distribution of a specially-crafted PDF file sent to individuals who were added to group chats on WhatsApp.
The company also revealed that it had sent Paragon a “cease and desist” letter and that it was considering other options. The development marks the first time the company has been linked to cases where its technology has been misused.
Like NSO Group, Paragon is the maker of surveillance software called Graphite that’s offered to government clients in order to combat digital threats. It was acquired by a U.S.-based investment group AE Industrial Partners in December in a deal worth $500 million.
On its barebones website, the company claims it provides customers with “ethically based tools” to “disrupt intractable threats,” as well as offer “cyber and forensic capabilities to locate and analyze digital data.”
In late 2022, it came to light that Graphite was used by the U.S. Drug Enforcement Administration (DEA) for counternarcotics operations. Last year, the Center for Democracy and Technology (CDT) called on the Department of Homeland Security to release details about its $2 million contract with Paragon.
News of the campaign comes weeks after a judge in California ruled in WhatsApp’s favor in a landmark case against NSO Group for using its infrastructure to deliver the Pegasus spyware to 1,400 devices in May 2019.
Meta’s disclosure also coincided with the arrest of former Polish Justice Minister Zbigniew Ziobro over allegations that he sanctioned the use of Pegasus spyware to surveil opposition leaders and oversaw cases where the technology was used.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
The Hacker News
